Office of the Saskatchewan Information and Privacy Commissioner. Guide to FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 109 risk. As such, the Commissioner found the CRHA did not comply with subsection 16(a) of The Health Information Protection Act (the equivalent to subsection 24.1(a) of FOIP). Subsection 24.1(b) Duty of government institution to protect 24.1 Subject to the regulations, a government institution shall establish policies and procedures to maintain administrative, technical and physical safeguards that: … (b) protect against any reasonably anticipated: (i) threat or hazard to the security or integrity of the personal information in its possession or under its control; (ii) loss of the personal information in its possession or under its control; or (iii) unauthorized access to or use, disclosure or modification of the personal information in its possession or under its control; Subsection 24.1(b) of FOIP requires government institutions to establish written policies and procedures that protect against any reasonably anticipated threat or hazard to the security or integrity of personal information, loss of the personal information or against unauthorized access to or use, disclosure, or modification of the personal information. Subsection 24.1(b)(i) Duty of government institution to protect 24.1 Subject to the regulations, a government institution shall establish policies and procedures to maintain administrative, technical and physical safeguards that: … (b) protect against any reasonably anticipated: (i) threat or hazard to the security or integrity of the personal information in its possession or under its control;
RkJQdWJsaXNoZXIy MTgwMjYzOA==